Log InTrial Access

451 Research - Biography

Wendy Nather
Research Director, Security

Wendy Nather is Research Director, Security, within 451 Research's Enterprise Security Program, providing analysis on the current state of security from the perspective of a veteran CISO. Wendy's primary areas of coverage are application security, identity and access management, threat intelligence, and security services.

Wendy joined 451 Research after five years building and managing all aspects of the IT security program at the Texas Education Agency, which serves 4.6 million Texas students. In that position, she directed multimillion-dollar initiatives for a statewide external user base of over 50,000. She also provided security guidance for the datacenter consolidation of 27 Texas state agencies.

Wendy previously worked in various roles in the investment banking division of Swiss Bank Corp (now UBS), including helping to build Europe's then-largest private trading floor. Based in Chicago, Zurich and London, she also served as the first IT Security Director for the EMEA region, managing the security aspects of various mergers, IT operations outsourcing and the division's first Internet presence. Wendy is coauthor of the book The Cloud Security Rules, and was named one of Tripwire's "Top 25 Influencers in Security You Should Be Following."

Wendy is based in Austin, Texas. You can follow her on Twitter at @451Wendy.


Reports by this Analyst

State of the State 2014: Application security
MIS Spotlight - April, 2014
This report gives an overview of the current state of the market in application security and how it has evolved in the past year – who's still playing, who's left the field, and who's new.
Hunting the target all the way to the endpoint: Dell SecureWorks' game is on
MIS Impact Report - April, 2014
The MSSP has announced its Advanced Endpoint Threat Detection service (powered by Bit9/Carbon Black), which extends its view into its customers' environment. We take a closer look.
Phishing intelligence from the data mines of Malcovery
MIS Impact Report - April, 2014
The Internet's oldest professions, phishing and malware, are continual problems for any organization trying to protect its brand. Malcovery aims to be the one-stop shop for in-depth intelligence on this and other email-borne threats.
Application security as a service: the 'un-WAF' from Prevoty
MIS Impact Report - April, 2014
The Los Angeles-based startup launched in October 2013 with an approach that tries to split the difference between the rock and the hard place. Dubbing it 'application security as a service,' the company is getting the attention of some big customers.
Signs of progress? Security's 10 greatest hits from 2012-2014
MIS Spotlight - March, 2014
We mulled over a lot of issues in the past two years. Here are the top 10 most-read reports from our security archives, including what we foresaw – and how it turned out.
Veracode's Software Component Analysis adds an application security ingredient list
MIS Impact Report - March, 2014
Is your internally developed code full of externally developed, genetically modified organisms? It's an important piece of the application security puzzle that Veracode is looking to address with its new Software Component Analysis feature.
Quotium Technologies brings clarity to application security testing
MIS Impact Report - March, 2014
The French company has been setting down roots in the US, and is ready to tackle its larger competitors on the grounds of visibility, reliability and ease of use. Quotium also recently attended the 2014 RSA Conference in San Francisco.
Gotta catch 'em all: Trustwave adds appsec testing vendor Cenzic to its collection
TDM Deal Analysis - March, 2014
As part of its strategy to be all things MSSP and compliance, Trustwave has added one of the last remaining pieces: application security testing technology. Cenzic was reportedly a motivated seller, so we suspect the price was right.
Bot or not? White Ops rescues the online ad industry from botnets and fraud
MIS Impact Report - February, 2014
To be a successful defender, you have to think like the adversary, but it takes a special kind of hacker to mess with him. White Ops turns the attack/defense dynamic on its head for great justice.
A look back at the top security trends of 2013
MIS Spotlight - February, 2014
In this report, we examine some of the insights we gleaned from security in 2013: 'scanless scanning,' cloud security reinvention, PCI 3.0, location-based authentication, and the chemistry of data.
Security Innovation raises the mizzenMAST, sails into managed appsec testing services
MIS Impact Report - February, 2014
Landlubbers need not apply: only veterans of the stormy appsec testing sea can deliver it as a managed service. Security Innovation unveils a new platform to go with it, while also taking a jab at the Dread Pirate RSA.
Quarri Technologies delivers the browser from evil
MIS Impact Report - February, 2014
Another participant in the 'browser backlash,' the company is taking a path with a lightweight agent that it hopes will prove more attractive than the alternatives.
RSA Conference 2014 preview – get your popcorn ready
MIS Spotlight - January, 2014
Controversy! Rebellion! Cloud application control! This year's conference promises fun for the whole security family.
2014 M&A Outlook – Enterprise security
TDM Others - January, 2014
As part of our end-of-year series of M&A analysis, we look at the deals that mattered in 2013 and assess the prospects for the next 12 months in the enterprise security sector. Where will we see acquisitions, and who might be involved?
Cyveillance creates a marketplace for security threat intelligence
MIS Impact Report - January, 2014
With intelligence feeds flooding the market, enterprises may get overwhelmed by the choices. Cyveillance wants to be their broker and take over the work of ensuring quality, standardization of feeds and reports, and transparency to the buyer.
IID gets ready to share the wealth in threat intelligence
MIS Impact Report - December, 2013
From its early anti-phishing work, the company has evolved into a threat intelligence data provider. Now it's unveiling a collaborative platform to let customers in on the action.
Blue Coat shows its predator side, acquires Norman Shark
TDM Deal Analysis - December, 2013
Putting some more bite into its presence in the security industry, Blue Coat is the latest to enter the 'advanced threat detection' and malware analysis business.
Blue Coat shows its predator side, acquires Norman Shark
TDM Deal Analysis - December, 2013
Putting some more bite into its presence in the security industry, Blue Coat is the latest to enter the 'advanced threat detection' and malware analysis business.
Checkmarx expands its application security coverage
MIS Impact Report - December, 2013
With more cash in the till, the Israeli company is growing fast and thinking big. Joining DAST vendors and updating its CxSuite product are a couple ways the company is expanding.
Security Compass finds its path forward
MIS Impact Report - December, 2013
Together with its spinoff product company, SD Elements, the vendor has charted its path to value for application security customers.
The glimmering promise in Light Point Security
MIS Impact Report - December, 2013
A very small company with a potentially large space waiting for it, Light Point Security is already drawing attention even though it's barely out of stealth.
For Duo Security, the second authentication factor is the fun factor
MIS Impact Report - December, 2013
The days of peering at tiny numbers on a hardware token are coming to an end, especially as the baby boomers head into presbyopia country. Duo Security is trying to make phone-based authentication as easy as pushing one button.
Security gossip: social networking meets threat intelligence
MIS Spotlight - November, 2013
The more you know, the better you can defend yourself, but information-sharing in the security industry comes with both technical and social hurdles.
8KMiles crosses the chasm in cloud-based identity federation
MIS Impact Report - November, 2013
With its acquisition of FuGen, the company is following a strategy of tackling some of the most difficult parts of ID federation and making them easier for customers. It could lead to an important new service.
Frank discussions at the Enterprise 451 Security Summit
MIS Spotlight - November, 2013
The theme of the event was Bring Your Own Problem, and it was an invitation many senior security executives couldn't resist. Besides conflicted feelings about cloud security, many other sentiments echoed in the halls and from the stage.
The security and antifraud markets inch closer together
TDM Sector IQ - November, 2013
With intrusions happening at the application layer, traditional security firms are realizing that they can learn a thing or two from fraud detection.
Cigital scales its security services by moving into the cloud
MIS Impact Report - October, 2013
Dynamic and static application security testing services that are validated by a team of experts on the back end; now where have we seen this before?
WhiteHat has a new secure browser; what does the Firefox say?
MIS Impact Report - October, 2013
The backlash has started against mainstream browsers – not just because of their security issues, but because of their support for advertising and tracking sites. Vendors who have their bread buttered on the other side are stepping in.
Conflicted feelings about cloud security
MIS Spotlight - October, 2013
At our Enterprise 451 executive security summit in New York, we heard a lot of mixed messages about cloud adoption and about what it takes to gain the trust of CISOs.
Alert Logic reports Q3: building momentum with a new partner onboard
HITS Insight - October, 2013
Private security-as-a-service provider Alert Logic is seeing strong growth from sales through public and private cloud providers and has received backing from Welsh Carson Anderson & Stowe during the quarter.
With Sendmail pickup, Proofpoint buys a piece of the Internet
TDM Deal Analysis - October, 2013
Proofpoint's acquisition of a fundamental building block – the company best known for the widely used sendmail messaging transfer agent – could mean a substantial evolution of its own messaging services business.
The other StillSecure shoe drops; Versata picks it up
TDM Deal Analysis - September, 2013
After the carve-out and sale of StillSecure's MSSP business to SilverSky in June, the rest of the company is purchased by Versata, the acquisition arm of Trilogy Enterprises.
Where has all the appsec gone?
TIP Thursday / Security - September, 2013
Nearly half of the enterprise users surveyed said they had no plans to implement the given appsec technology. No plans. None. At all.
Packetloop finds a safe Arbor in advantageous acquisition
TDM Deal Analysis - September, 2013
Another security-analytics deal adds high-speed deep packet inspection in a cloud-based platform to Arbor's anti-DDoS capabilities.
An early marriage proves fruitful for Click Security and VisibleRisk
TDM Deal Analysis - August, 2013
Barely a year after its emergence from stealth, Click Security has found a local partner to complete it – which is resulting in a substantial metamorphosis.
A buff Barracuda shows off its biggest firmware update ever
MIS Impact Report - August, 2013
The company's Web Filter 7.0 features an updated UI and new functionality – some of which could prove to be both useful to the enterprise and of concern to its employees.
The malware detection dilemma: what comes after 'advanced'?
MIS Spotlight - August, 2013
Here's what FireEye and its competitors are really teaching us about the current state of security.
Proofpoint adds security layers by acquiring Armorize Technologies
TDM Deal Analysis - August, 2013
Advanced malware calls for advanced detection. Proofpoint is incorporating technology from a very experienced vendor in Asia.
With $175m planned offering, FireEye looks to be infosec's next red-hot IPO
TDM Debut IQ - August, 2013
Whether FireEye's description of its product as 'next-generation threat protection' is mostly marketing or not, the offering is a hit. Putting up $100m in sales in just three years is a pretty good bit of business, one that Wall Street will reward.
Cloudy with a chance of malware: Seculert's advanced detection
MIS Impact Report - July, 2013
Using every advantage that cloud computing has to offer, the threat intelligence firm looks to provide foolproof malware detection as a service.
The state of security in Vegas: suits, spooks and sprogs
MIS Spotlight - July, 2013
What we expect to see at the Black Hat, B-Sides and DEF CON security conferences this year – and what's missing.
Alert Logic reports continued strong growth in Q2
HITS Insight - July, 2013
Private security-as-a-service provider Alert Logic reported another solid quarter this week.
What's your vector, Victor? Fidelis tackles malware detection
MIS Impact Report - July, 2013
Malware detection for the masses – that's the spin that the General Dynamics subsidiary is putting on its newest appliance.
Detective Damballa is on the malware case
MIS Impact Report - July, 2013
With a change of some top executives, Damballa has revamped its sales model and expanded its offerings, including new profiling of peer-to-peer activity.
EMC's RSA expands its identity intelligence capabilities with Aveksa buy
TDM Deal Analysis - July, 2013
A promising piece is added to the company's identity, authentication and access governance puzzle – with synergies in analytics across multiple domains.
Invincea Inside: Dell delivers a 'protected workspace' for the enterprise
MIS Impact Report - June, 2013
The strategic partnership has Dell shipping all enterprise desktops with Invincea preinstalled, for free. Could this spell the end of traditional AV?
Where do you think you are? It matters for security
MIS Spotlight - June, 2013
Location-based security has been slowly developing with more technology to support it. But it still has its drawbacks as well as potential advantages.
Solutionary joins NTT's managed security services portfolio
TDM Deal Analysis - June, 2013
The acquisition marks a big potential win for the telco, expanding its reach and capabilities – including in the cloud.
A broader and deeper threat intelligence portfolio for Verisign iDefense
MIS Impact Report - June, 2013
The company has been around for a long time, but its competitive field has grown quite a bit in the past couple of years. A new approach may be in order.
All together now: Trend Micro unveils Web App Security as a Service
MIS Impact Report - June, 2013
Ever the expert at bundling, the company has put together a security package that's a good start for website owners.

 

Subscribers

Forgotten password?

Not a Subscriber

Apply for a trial account today to obtain access to insight from 451 Research analysts worldwide and experience our products and services first hand.

Apply → Close

Browse By Sector

Select a sector from the list below.

Close
loading
Sector Browser Loading.

Subscribers

Forgotten password?

Not a Subscriber

Apply for a trial account today to obtain access to insight from 451 Research analysts worldwide and experience our products and services first hand.

Apply → Close